Lucene search
Transformers Security Vulnerabilities
cve
Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.
4.7CVSS
4.6AI Score
0.0004EPSS
2023-05-18 05:15 PM
30
cve
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
8.8CVSS
8.7AI Score
0.001EPSS
2023-12-19 01:15 PM
22
cve
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
7.8CVSS
7.7AI Score
0.001EPSS
2023-12-20 05:15 PM
30
cve
The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the load_repo_checkpoint() function of the TFPreTrainedModel() class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploit...
3.4CVSS
8.4AI Score
0.0004EPSS
2024-04-10 05:15 PM
53